Episode 34

full
Published on:

22nd Nov 2023

Decoding Generative AI: Myths, Realities and Cybersecurity Insights

In the latest episode of the Razorwire podcast, I am delighted to welcome back our esteemed cybersecurity professionals, Oliver Rochford and Richard Cassidy. Today, we delve into the fascinating realm of generative AI and its applications in the cybersecurity landscape.

We kick the episode off with an overview of generative AI. We discuss how it works and its training on extensive datasets to infer statistical relationships between words and concepts. While major cybersecurity vendors such as Google, CrowdStrike, SentinelOne, and Microsoft have announced integrations with generative AI, Oliver issues a cautionary note, highlighting that its capabilities are often subject to overhype.

We discuss the accuracy of generative AI's representation in the business community. Listen in to hear our consensus: Is it possible for generative AI to live up to the advanced AI depicted in science fiction?


Delving into practical cybersecurity use cases and exploring risks associated with explainability, trustworthiness of outputs, and potential regulatory implications


The aim of this episode is to give you valuable advice for venturing into the realm of generative AI. Tune in to the Razorwire podcast for an in-depth exploration of this evolving technology.


Andrés Horowitz has said that 80% of all of the investment in the generative AI startup goes on compute costs. They worked out that one training run on GPT, I think, 3.5 costs somewhere between half a million to $3,800,000. Is it even affordable?"

 Oliver Rochford


Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen


In this episode, we covered the following topics:


- Big Tech's control over the conversation and concerns about AI

- Inconsistencies in the guidelines and censorship policies of platforms like Spotify, Apple, and YouTube limit what can be discussed and criticised.

- The limitations and potential dangers of Artificial Generative Intelligence 

- The different opinions and viewpoints surrounding NFT technology and its impact and significance

- Importance of not overhyping NFTs and allowing for experimentation and exploration of new use cases

- Limitations of Gen AI tools, particularly in terms of explainability, interpretability, and trustworthiness of data

- Advising caution when utilising AI tools for security purposes and the importance of trust and verification

- How AI tools can help with paralysis and confusion in data analysis

- Examining the high valuation of OpenAI and people's unrealistic expectations of AI due to Hollywood portrayals

- Exploring the potential of AI-powered language models like Chat GPT, their integration into various products, and the need to avoid false information


GUEST BIOS


Oliver Rochford

Oliver has worked in cyber security as a penetration tester, consultant, researcher, and industry analyst for over 20 years. Interviewed, cited, and quoted by media, think tanks, and academia, he has written for SecurityWeek, CSO Online and Dark Reading. While working at Gartner, he co-named the Security Orchestration, Automation and Response (SOAR) market, worked on the SIEM Magic Quadrant, and also covered the European MSSP Market. In past lives, Oliver worked for Qualys, Verizon, Gartner,  Tenable and Securonix and is currently Chief Furitist at Tenzir, where he works on product strategy and marketing.  


Richard Cassidy

Richard Cassidy has been consulting to businesses on cyber security strategies and programs for more than two decades, working across highly regulated industries including finance, insurance, retail, manufacturing, government and military. During his career Richard has been heavily engaged in the design and implementation of infrastructure & cyber security solutions, helping organisations in evolving security, compliance, risk management, data assurance, automation, orchestration & breach response practices. 


Richard’s security operations experience includes managing CERT, breach response teams, threat intelligence & hunting teams, as well as educating the industry on how data and assets are targeted by cyber-criminal groups, which in return supports effective security practices and mitigation strategies. Richard has led major breach investigations across CNI (Critical National Infrastructure), Finance, Military and Educational institutions over the past decade, with a specific expertise in financial fraud investigations on SWIFT payment networks and OT Manufacturing environments, helping align technical investigation processes to business risk analysis to better serve breach response plans 

Combining hands on experience of the technologies and services that have evolved over the past two decades, with a detailed perspective on end user security risks, Richard focuses on delivering thought leadership tracks that help decision makers define practical security, compliance and data assurance strategies. He is well versed in showing organisations how to better navigate a highly complex and automated threat landscape, in tandem with achieving (and maintaining) regulatory, compliance and data assurance mandates that business leaders face in today’s technology landscape. 

Richard is an active industry contributor, regularly delivering speaker sessions at events including for SANS, BlackHat, IP Expo, InfoSec, FSISAC and security seminars EMEA wide, not least many article publications in the arena of cybersecurity, compliance, industrial control and emerging technology matters. 


Resources Mentioned


RSA

Google Sec PaLM

Crowdstrike Charlotte AI

Sentinel One Purple AI

Microsoft Security CoPilot

Jason Kierstead IBM

Picus Security AI Test

Chat GPT Open AI

SQL

Hitchhiker's Guide To The Galaxy

Dall-e 2


Other episodes you'll enjoy


ChatGPT Reveals Top 5 Cybersecurity Concerns for Businesses

https://www.razorthorn.com/chatgpt-reveals-top-5-cybersecurity-concerns-for-businesses/

Navigating the Turbulent Waters of Cybersecurity: Nationalism, Economics And AI

https://www.razorthorn.com/navigating-the-turbulent-waters-of-cybersecurity-nationalism-economics-and-ai/


Connect with your host James Rees


Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


Linkedin: Razorthorn Security

Youtube: Razorthorn Security

Twitter:   @RazorThornLTD

Website: www.razorthorn.com


Loved this episode? Leave us a review and rating here


All rights reserved. © Razorthorn Security LTD 2024



This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy
Show artwork for Razorwire Cyber Security

About the Podcast

Razorwire Cyber Security
The Podcast For Cyber Security Professionals
Welcome to the Razorwire podcast where we share information, best practices and up to date news in cyber security and infosec.

Our mission is to help you become a better cyber security professional and support our vision of creating an agile community of cyber professionals who are stronger than ever before.

This show is first and foremost about sharing knowledge and benefiting from collaboration. We bring you the advice and wisdom of both your host, James Rees, and his guests to build on the strength and depth of your own knowledge and experience.

Your host James Rees is an information security veteran with over 25 years of industry experience and is the founder of Razorthorn Security, delivering expert security consultancy and testing services on a day to day basis to some of the largest and most influential organisations in the world, including many in the Fortune 500.

The Razorwire podcast is for cyber security professionals looking for new ideas and the drive to improve their response to cyber security events. Through collaboration, we can strengthen our defences.

For more information about us or if you have any questions you would like us to discuss on the podcast email podcast@razorthorn.com or head to www.razorthorn.com